Author: Christian Decker 2018-07-13 11:07:48
Published on: 2018-07-13T11:07:48+00:00
Fred Savage raised some issues with sighash_noinput, stating that it cannot prevent address-reuse and users who would 'autopilot' LN and only see the GUI will have no clue what technicals are happening under the hood. The risks involve a user creating a channel could tweak their own LN node to make their counterparty sign a sighash-noinput as a term/condition of the channel, where a tx can be signed but then allow the out's to alter value using a different opcode. Additionally, by allowing certain things to change after signing brings back malleability for those that use a TXID to identify a tx has been confirmed. However, Christian argues that these points are moot since these are scripts used in very specialized contexts and should not be shown to any end-user. Furthermore, wallets that are not part of LN or eltoo won't even know how to sign with sighash-noinput. Christian also states that you cannot force the counterparty to sign with a sighash-flag that they don't choose themselves, and wallets should not even allow signing with it. He says that sighash-noinput is a sharp tool that should only be used in specific situations to enable more flexibility, and it can improve the safety of off-chain protocols a lot.
Updated on: 2023-06-13T01:47:04.328485+00:00